Security Alerts and Updates

Latest Security Updates for Apple Software
Latest Security Tests from AV-Comparatives

May 2024 (Click listings for more information).
26. This Week in Security – May 26 – by Zack Whittaker.
26. Windows 11 24H2’s AI feature Recall has been ported to existing hardware.
25. Arc browser’s Windows launch targeted by Google ads malvertising.
24. Microsoft Copilot was fixed worldwide after a 24-hour outage.
24. Cencora data breach exposes US patient info from 8 drug companies.
24. Google’s new AI Overviews in Search are generating major factual errors.
24. KB5039705: Microsoft fixes Windows KB5037765 “0x800f0982/0x80004005” install fails with OOB.
24. Google fixes eighth actively exploited Chrome zero-day this year.
23. Microsoft Copilot is continuing to recover from an extended Bing outage.
23. Microsoft spots gift card thieves using cyber-espionage tactics.
23. Apple wasn’t storing deleted iOS photos in iCloud after all.
23. Microsoft outage affects Bing, Copilot, DuckDuckGo, & ChatGPT internet search.
22. Rufus 4.5 has Windows & Linux improvements, for UEFI, NTFS, MBR, ISO, & GRUB.
22. LastPass is encrypting URLs in password vaults for better security.
22. Microsoft’s new Windows 11 Recall is a privacy nightmare.
22. Microsoft shares more info about privacy controls in the new ‘Recall’ feature in Windows 11.
21. Microsoft, OpenAI, Google, & other major companies reach AI safety agreement.
21. PowerToys 0.81 is out with AI-powered Advanced Paste.
21. Google rolls out Chrome fix for empty pages when switching tabs.
21. Zoom adds post-quantum end-to-end encryption to video meetings.
20. Apple fixes iPhone & iPad bug that brings back old photos deleted years ago.
20. Surface Laptop Go 3 gets fixes for screen flickering & Wi-Fi improvements.
19. This Week in Security – May 19 – by Zack Whittaker.
19. Frustration over Google’s AI Overviews feature: how to disable.
19. CISA warns of hackers exploiting Chrome, EoL D-Link bugs.
18. Microsoft Edge 125 is now available with Workspace, copy-paste improvements, & more.
17. The Week in Ransomware – May 17 – Mailbombing is back.
17. WebTPA data breach impacts 2.4 million insurance policyholders.
17. Microsoft Edge gets fixes for five more security vulnerabilities.
16. Video shows why you shouldn’t run unsupported Windows & stick to 10/11.
16. Microsoft shares temp fix for Outlook encrypted email reply issues.
16. Surface Pro 7 gets new firmware to prevent overheating.
15. Firefox 126 is out with RTX Video Super Resolution, new privacy features, & more.
15. Windows Quick Assist abused in Black Basta ransomware attacks.
15. Microsoft releases new free Windows 11 virtual machines.
15. Microsoft fixes a Chromium security vulnerability in Edge.
15. Google patches third exploited Chrome zero-day in a week.
14. PoC exploit released for RCE 0-day in D-Link EXO AX4800 routers.
14. Microsoft fixes VPN failures caused by April Windows updates.
14. Microsoft May Patch Tuesday fixes 3 zero-days & 61 flaws.
14. Windows 11 KB5037771 update released with 30 fixes, changes.
14. Apple fixes Safari WebKit zero-day flaw exploited at Pwn2Own.
14. Google Chrome emergency update fixes 6th zero-day in 2024.
13. Apple backports a fix for RTKit iOS zero-day to older iPhones.
13. Apple & Google launch location tracking detection for iPhone & Android.
13. Surface Laptop Studio 2 gets fixes for camera, audio, & more.
12. This Week in Security – May 12 – by Zack Whittaker.
11. Microsoft updates Edge to fix exploited security vulnerabilities.
10. The Week in Ransomware – May 10 – Chipping away at LockBit.
10. Dell API was abused to steal customer records in data breach.
10. Google fixes 5th Chrome 0-day exploited in attacks this year.
09. AT&T delays Microsoft 365 email delivery due to spam wave.
09. Dell warns of a data breach, 49 million customers affected.
09. MS-DEFCON 2: May updates are right around the corner.
08. Ascension Healthcare takes systems offline after cyberattack.
08. Apple updates iTunes for Windows with iPad Air & Pro support.
08. Webshop fraud ring steals credit cards from 850,000 people.
07. New attack leaks VPN traffic using rogue DHCP servers.
07. Surface Laptop Studio updates with gaming improvements & more.
07. May Office non-security Updates have been released.
06. Google changes how you set up 2-step Verification on your account.
06. City of Wichita shuts down IT network after ransomware attack.
06. The Proton Pass password manager adds Pass Monitor.
06. Why Your VPN May Not Be As Secure As It Claims.
05. KB5028997: Microsoft updated KB5034441/KB5034440 “0x80070643 – ERROR_INSTALL_FAILURE” fix [Update]
03. Android bug can leak DNS traffic with a VPN kill switch enabled.
03. Wintoys, a Windows tweaker, now skips SYSTEM-scheduled tasks.
03. Google rolls back reCaptcha update to fix Firefox issues.
03. ChromeOS M124 brings faster split-screen setup & Fast Pair for mice.
03. Edge browser updated with a built-in internet speed tester & security fixes.
02. Google Play Store gets a new ‘Government’ badge for official apps.
02. Bitwarden launches new MFA Authenticator app for iOS, Android.
02. Microsoft warns of “Dirty Stream” attack impacting Android apps.
02. Microsoft adds passkey support for all consumer accounts.
02. Microsoft won’t fix Windows 0x80070643 errors, manual fix required.
01. DropBox: hackers stole customer data, auth secrets from eSignature service.
01. Panda Restaurants data breached after corporate systems hack.
01. Microsoft says April Windows updates break VPN connections.
01. Qantas app exposed sensitive traveler details to random users.
01. New malware infects routers to monitor traffic for credentials.

April 2024 (Click listings for more information).
30. New Android malware hides behind hacked WordPress sites.
30. Change Healthcare hacked using stolen Citrix account with no MFA.
29. FCC fines carriers $200 million for illegally sharing user location.
29. FBI warns of fake verification schemes targeting dating app users.
29. Firefox updated with fixes for blank tabs, text corruption, & more.
29. Collection agency warns data breach impacts 1.9 million people.
29. Choppy cursor and Windows animations in Surface Pro 9 fixed.
29. Microsoft confirms bugs with profile pictures in Windows 11.
28. US Post Office phishing sites get as much traffic as the real one.
28. Chrome’s new post-quantum cryptography may break TLS connections.
28. Surface Go 2 & Studio 2 Plus get new firmware with network, audio, & other improvements.
27. This Week in Security – April 27 – by Zack Whittaker.
27. Setting up vulnerability – by Susan Bradley.
27. Surface Laptops 4 & 5 get USB-C charging fixes, and more.
27. Microsoft rolls back mistakenly released Copilot app on Windows Server in Edge update.
26. Kaiser Permanente: Data breach may impact 13.4 million patients.
25. Ubuntu 24.04 launched from Canonical with frame pointers & more.
25. Surface Pro 9 & Pro 8 get audio playback & recording improvements.
25. Brokewell malware takes over Android devices & steals data.
25. Vivaldi updates with tab hibernation, feed auto-detection, & more.
24. WhatsApp announces support for passkeys on iOS.
24. Google Meet opens client-side encrypted calls to non-Google users.
23. Microsoft pulls fix for Outlook bug behind ICS security alerts.
23. MS-DEFCON 4: “Safe – for now” – by Susan Bradley.
22. Mozilla turns off its latest security improvement due to download issues in Firefox 125.
21. This Week in Security – April 21 – by Zack Whittaker.
21. Tiny11 Builder lets you debloat any Windows 11 build or version.
21. Surface Pro X & Surface Studio 2 get new firmware with fixes.
21. Time for tech upgrades – by Susan Bradley.
20. USB-C charging & display issues in Surface Laptop 4 fixed.
19. The Week in Ransomware – April 19 – Attacks Ramp Up.
18. Microsoft Edge 124 is now available in the Stable Channel.
18. Vivaldi browser gets updated with support for Windows on ARM.
18. Cybercriminals pose as LastPass staff to hack password vaults.
17. SoumniBot malware exploits Android bugs to evade detection.
17. Microsoft’s security threat division sees evidence of more Russian disinformation efforts.
17. Botnets exploiting a one-year-old TP-Link flaw to hack routers.
16. T-Mobile & Verizon workers get texts offering $300 for SIM swaps.
16. Firefox 125 is out with improved AV1 video streaming & more.
15. Ransomware gang starts leaking stolen Change Healthcare data.
15. Cisco Duo third-party data breach exposed SMS MFA logs.
15. Microsoft lifts Windows 11 block on some Intel systems.
14. This Week in Security – April 14 – by Zack Whittaker.
14. Microsoft blocks BlackLotus Secure Boot mitigations on TPM 2.0 Windows Server 2012 PCs.
14. OpenTable won’t add first names or photos to old reviews now.
14. Microsoft fixed the Windows Kerberos PAC validation flaw.
13. Microsoft shares Windows Registry tweak for Spectre in Intel CPUs.
13. Microsoft updates Edge with sync crash fixes and security patches.
13. Microsoft lifts block preventing Windows 10 users from upgrading to 11.
13. Windows 11 (KB5036893), Windows 10 (KB5036892) cause slow PCs.
12. FBI warns of massive wave of road toll SMS phishing attacks.
12. Telegram fixes Windows app 0-day used to launch Python scripts.
12. Former AT&T customers get $6.3 million in data throttling refunds.
12. Roku warns 576,000 accounts hacked in credential stuffing attacks.
11. OpenTable is adding your first name to ‘anonymous’ reviews.
11. DuckDuckGo launches a premium Privacy Pro VPN service.
10. Chrome Enterprise gets Premium security for a price.
10. Intel updates its Bluetooth drivers with LE improvements.
10. AT&T now says data breach impacted 51 million customers.
10. T-Mobile could be profiling your data, here’s how to opt-out.
09. Microsoft fixes two Windows zero-days exploited in attacks.
09. Windows 10 KB5036892 update released with 23 new fixes.
09. Windows 11 KB5036893 update released with 29 changes.
09. Microsoft Patch Tuesday fixes 150 security flaws & 67 RCEs.
09. Over 90,000 LG Smart TVs may be exposed to remote attacks.
08. Targus discloses cyberattack after hackers detected on servers.
08. Critical RCE bug in D-Link NAS devices now exploited in attacks.
07. This Week in Security – April 7 – by Zack Whittaker.
07. Home Depot’s third-party data breach exposed employee info.
06. Over 92,000 D-Link NAS devices have a backdoor account.
06. Microsoft fixes 0x80073cf2 sysprep.exe errors in Windows 10.
05. The Week in Ransomware – April 5 – Virtual Machines under Attack.
05. Google VPN caught overwriting your Windows 11/10 DNS settings.
05. Microsoft fixes Windows Sysprep issue behind 0x80073cf2 errors.
05. Fake Facebook MidJourney AI page promoted malware.
05. China-based hackers are using AI to sow division in the US.
05. Panera Bread week-long IT outage caused by ransomware attack.
05. Microsoft fixes five security vulnerabilities in Edge 123.
05. Microsoft installing KB5035942 Moment 5 on Windows 11 23H2 PCs.
04. MS-DEFCON 2: April sprinkles – by Susan Bradley.
04. Microsoft fixes Outlook security alerts bug in December updates.
04. PowerToys 0.80 is out with Desired State Configuration support.
04. Hoya’s optics production and orders disrupted by cyberattack.
04. US cancer center data breach exposes info of 827,000 patients.
04. Windows 10 will have separate prices for extended security updates.
03. SurveyLama data breach exposes info of 4.4 million users.
03. Omni Hotels confirms cyberattack behind ongoing IT outage.
03. Jackson County in state of emergency after ransomware attack.
03. Google fixes one more Chrome 0-day exploited at Pwn2Own.
03. Google fixes 2 Pixel 0-day flaws exploited by forensics firms.
02. Microsoft warns Gmail blocks some Outlook emails as spam.
02. Omni Hotels experiencing nationwide IT outage since Friday.
02. Chrome feature aims to stop hackers from using stolen cookies.
02. April 2024 Office non-security updates are now available.
02. New XZ backdoor scanner detects implant in any Linux binary.
01. KB5036567: Microsoft improved Windows 11 KB5035942 (Moment 5) compatibility and recovery.
01. Google blocks spoofed emails for better phishing protection.
01. Yacht retailer MarineMax discloses data breach after an attack.
01. Google to get rid of data collected by Chrome’s Incognito mode.
01. Shopping platform PandaBuy data leak impacts 1.3 million users.
01. Windows 11 Moment 5 (KB5035942) causing install issues, more.